Cloud

Infrastructure as Code: A Developer-Minded Approach to Cloud Computing

Tech teams can speed up their infrastructure scaling consistently and safely through code-based provisioning.

Ernie Smith is a former contributor to BizTech, an old-school blogger who specializes in side projects, and a tech history nut who researches vintage operating systems for fun.

Keeping cloud infrastructure manageable can be a challenging task, as complicated setups can topple over at scale without the right architecture. But of the many benefits offered by cloud computing and virtualization tools, one of the most important may be improvements in managing infrastructure in a consistent way that’s easy to replicate.

One way to do this is through Infrastructure as Code (IaC), which creates an abstraction layer for building out cloud environments through automated scripts. For those working with complex cloud builds, it could make for simpler management in the long run.

What Is Infrastructure as Code?

IaC is not a particularly new trend. According to author and consultant Stephen Nelson-Smith, the concept dates to the earliest days of Amazon Web Services’ Elastic Compute Cloud in 2006, as well as the release of version 1.0 of the Ruby on Rails application framework during the same period. Combined, these two events lowered the barrier of entry for scalable infrastructure, but they also added complexity that created a new need for configuration tools that could deploy new resources as needed.

In many ways, IaC is a philosophy of packaging and organizing cloud infrastructure to be built on demand based on an existing model rather than having to rebuild from scratch each time. This takes advantage of the instant resourcing capabilities offered by cloud computing and virtualization technology, using automated programming to complete tasks. This makes it possible to easily scale and redistribute infrastructure as needed.

Briana Frank, director of product management for IBM Cloud, says that in many ways, IaC breaks down the process of building a new infrastructure the same way developers might approach their toolkits when working on new applications.

“A developer wouldn’t write every line of code each time they had to run their application,” Frank says. “Similarly, an operations engineer shouldn’t have to click through every button in their cloud provider each time they want to deploy a new environment. They must be able to store everything that defines their Infrastructure as Code. This is generally stored in something like GitHub — the same place that developers maintain their app code.”

Thinking about infrastructure in the same way programmers think about toolkits opens up opportunities for scale. Chris Gardner, vice president and research director at Forrester, says that beyond the ability to store tools in source code repositories like GitHub, this approach allows for a continuous delivery pipeline.

“Since you’re modeling infrastructure as software, you get all of the benefits typically afforded to application developers,” Gardner says.

As Gardner notes in a 2018 report, “‌Become a Unicorn with Infrastructure as Code,” nearly 90 percent of global enterprise infrastructure decision-makers emphasized the importance of having a comprehensive cloud strategy. IaC could be one element of building a strategic approach toward cloud.

DISCOVER: Learn more about how infrastructure as code and AWS work together.

What Are the Benefits of IaC?

From an automation standpoint, Infrastructure as Code can help ensure efficiency in the buildout of resources while offering consistent configuration and flexibility in deployment. Resources can be distributed via the cloud or on-premises as needed, which can come in handy during major crises — such as the start of the COVID-19 pandemic, when some businesses found themselves suddenly needing to scale up.

Sometimes, organizations only need a specific piece of infrastructure for a few days or weeks rather than a few years. There’s also always the risk that something you expect to stay online might break. In these instances, IaC can help businesses stay flexible and ease the recovery process, notes Frank.

“Consider that there is a disaster and your infrastructure goes down or is otherwise in a corrupted state,” she explains. “If implemented correctly, you can automatically provision your entire infrastructure stack from scratch.”

With room for detailed customization, Frank says this can allow for the simple re-creation of test or production environments as needed.

There can be challenges in how IaC is managed, however. One example of this is configuration drift, which Frank says happens when changes are made to existing infrastructure without updating the code to match. This can create significant security issues and long-term compliance challenges, ITProPortal reports. Even a small divergence can create big problems down the line.

“In a perfect world, all infrastructure changes are done in the code, so this wouldn’t be a problem,” Frank adds.

The Best Tools for IaC

A wide variety of offerings exist that can allow organizations to take advantage of IaC. For example, Amazon Web Services (AWS) natively offers two such tools for building infrastructure via a codebase: AWS CloudFormation, which is built out using templates in the JavaScript Object Notation (JSON) format, and Amazon Machine Image, which allows users to deploy services using the Amazon Elastic Compute Cloud. A variety of IaC use cases exist for AWS, along with other common cloud distribution platforms such as Microsoft Azure and Google Cloud Platform.

For its cloud offerings, IBM supports the open-source software offering Terraform, a tool developed by HashiCorp that allows users to provision infrastructure using either HashiCorp’s own configuration language or in JSON. Frank notes that this offers a lot of room for flexibility in building out your infrastructure.

“One of the greatest things about Terraform is that it is a declarative language rather than imperative,” she says. ”Would you rather tell your taxi driver every step of how to get to your destination, or simply call an Uber that automatically calculates the best route? A declarative language lets you declare the final state of your infrastructure and lets the tool handle the individual steps to get there. This is crucial in any IaC solution you look to adopt.”

Other well-known, open-source tools for IaC provisioning and configuration include Chef, Puppet and Ansible.

How IaC Can Work with Existing Infrastructure

One of the potential challenges that organizations might face in trying to implement an Infrastructure as Code solution is integrating it with existing infrastructures, which could slow down efforts to introduce the technology.

In the case of Terraform, Frank says that there’s an open-source tool called Terraformer that can analyze existing infrastructure to find opportunities to convert it into something that can be automated through IaC.

“In absence of this tool, developer teams can manually replicate their existing stack by building out their IaC scripts,” she says.

There are also ways to extend the use of IaC offerings beyond the surface level, notes Gardner.

“Most folks stop at the container level, but Infrastructure as Code goes all the way down to the bare metal,” he says. “I expect IaC developers to continue the trend of codifying downward via APIs while application developers increasingly leverage higher-level abstraction above it, such as PaaS and serverless.”

zokara/Getty Images